diff --git a/.github/workflows/permissions.yml b/.github/workflows/permissions.yml
index 1447bc5..02e1bdb 100755
--- a/.github/workflows/permissions.yml
+++ b/.github/workflows/permissions.yml
@@ -5,6 +5,8 @@ on:
       - '**/run'
       - '**/finish'
       - '**/check'
+      - 'root/migrations/*'
+
 jobs:
   permission_check:
     uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1
diff --git a/README.md b/README.md
index 533af62..f73d22d 100644
--- a/README.md
+++ b/README.md
@@ -65,6 +65,14 @@ To log in to the application, browse to `http://<hostip>:6501`.
 * Default Password: admin
 `change password ASAP.`
 
+## Read-Only Operation
+
+This image can be run with a read-only container filesystem. For details please [read the docs](https://docs.linuxserver.io/misc/read-only/).
+
+### Caveats
+* Not supported when running with SSL (Further debuging into why is appreciated)
+
+
 ## Usage
 
 To help you get started creating a container from this image you can either use docker-compose or the docker cli.
@@ -113,6 +121,7 @@ Containers are configured using parameters passed at runtime (such as those abov
 | `-e PGID=1000` | for GroupID - see below for explanation |
 | `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). |
 | `-v /config` | Persistent config files |
+| `--read-only=true` | Run container with a read-only filesystem. Please [read the docs](https://docs.linuxserver.io/misc/read-only/). |
 
 ## Environment variables from files (Docker secrets)